Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27f7781f-dbc5-4c40-971f-5751e1ea35b1.roa
File:                     27f7781f-dbc5-4c40-971f-5751e1ea35b1.roa (raw, json)
Hash identifier:          eMSJRRMrxagGVYjyih8SqpH0TjivHIsLj3a1M5DSzX4=
Subject key identifier:   C9:35:B9:EE:F8:A2:70:CD:A2:5B:53:3F:66:95:B6:32:28:D2:4D:4C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7EBB31EC6AD7B48B6EB6B8691B0D6AFE8EA408BB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27f7781f-dbc5-4c40-971f-5751e1ea35b1.roa
Signing time:             Tue 22 Jul 2025 00:32:00 +0000
ROA not before:           Tue 22 Jul 2025 00:32:00 +0000
ROA not after:            Tue 26 Aug 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        5.174.112.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 06 Aug 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:bb:31:ec:6a:d7:b4:8b:6e:b6:b8:69:1b:0d:6a:fe:8e:a4:08:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul 22 00:32:00 2025 GMT
            Not After : Aug 26 23:59:59 2025 GMT
        Subject: serialNumber=64e0e63b73a24bf9974a468511cbe9f433f25b3ac1946cbb99a8eed14bce8200, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:4e:44:dc:e4:2b:a7:1b:62:49:7c:98:c1:1c:
                    24:5f:4c:8e:29:d6:93:94:3f:f4:fe:8a:67:84:d3:
                    4a:28:e3:87:38:e6:ea:be:ae:a8:a9:a7:e4:70:6f:
                    6e:4c:47:d4:29:a7:7d:66:25:f3:c5:d8:1c:60:1d:
                    1f:f5:c8:a6:b7:c0:17:00:d1:71:7b:5b:04:6c:53:
                    f4:96:73:2c:bc:85:61:34:98:2f:4e:b6:f0:02:7d:
                    fd:99:05:c1:5e:cd:50:53:9a:10:5a:76:cc:86:f2:
                    f7:0e:dd:a4:81:6b:42:68:94:2a:00:50:fd:32:b2:
                    a1:16:32:5b:f3:7b:d1:4b:ea:bc:88:e7:57:39:60:
                    f8:73:c9:aa:b9:de:ae:01:e3:bd:b9:1b:8a:b2:d9:
                    7a:ca:60:32:ce:07:f7:8a:59:89:16:e5:11:69:ac:
                    17:e3:b5:61:6f:8f:59:8b:2f:43:de:fe:3c:8d:fb:
                    e0:fe:e8:3d:c1:d4:fc:84:0b:57:11:5e:45:2b:d4:
                    8a:75:1b:c1:e5:bf:7f:16:4d:46:f0:75:f1:6d:a1:
                    23:e4:2b:ef:8f:65:0e:58:3d:ce:1c:98:45:cc:11:
                    a3:8e:d2:ad:e7:04:59:4b:f5:39:3d:42:6b:7f:1e:
                    65:59:45:55:33:cb:6d:1c:13:5d:2a:48:be:6a:e6:
                    a9:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:35:B9:EE:F8:A2:70:CD:A2:5B:53:3F:66:95:B6:32:28:D2:4D:4C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/27f7781f-dbc5-4c40-971f-5751e1ea35b1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.174.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         9e:76:3b:1b:0b:39:e4:ff:51:87:56:5b:63:30:ae:be:45:76:
         c8:8a:e0:b9:50:07:7b:50:16:12:0f:4b:20:63:c7:48:48:07:
         6d:55:bc:5b:3d:80:14:30:9f:36:2f:9e:d1:f6:d2:d6:e5:11:
         9d:5f:c0:18:b8:b2:01:e1:28:54:f3:c6:1c:f3:70:f9:97:e4:
         1f:53:11:5f:53:ae:f1:7a:85:97:49:3c:72:13:8f:34:fb:d4:
         c8:5d:46:01:dd:bd:8c:c0:e9:99:07:44:6d:30:2e:b7:d7:76:
         d0:ef:76:9f:ee:73:54:1c:42:8c:c0:89:ed:d9:cb:b8:b4:75:
         98:d7:f3:46:9d:25:dc:00:fa:c2:fc:1c:5d:de:f5:0f:a0:30:
         80:9d:2e:81:b4:6a:bf:28:9b:e1:ef:84:8c:fd:44:74:eb:f7:
         c9:61:10:5a:d2:27:f2:5e:c0:79:23:97:ca:6f:5f:f6:c0:2c:
         42:14:79:da:15:94:3a:aa:96:87:5a:30:b8:0e:38:9e:18:5b:
         c5:90:9f:db:66:cb:f6:56:94:12:d3:61:7f:eb:9f:ee:3a:ab:
         ad:24:67:bf:aa:8d:90:73:3b:fd:db:f3:4e:13:6a:78:05:04:
         71:b4:57:2b:e7:ae:50:f9:33:74:a1:c0:97:0e:a3:bb:af:cd:
         fc:45:3e:8d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfrsx7GrXtItutrhpGw1q/o6kCLswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzIyMDAzMjAwWhcNMjUwODI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NGUwZTYzYjczYTI0YmY5OTc0YTQ2ODUxMWNiZTlmNDMz
ZjI1YjNhYzE5NDZjYmI5OWE4ZWVkMTRiY2U4MjAwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTTkTc5CunG2JJfJjBHCRfTI4p1pOUP/T+imeE00oo44c4
5uq+rqipp+Rwb25MR9Qpp31mJfPF2BxgHR/1yKa3wBcA0XF7WwRsU/SWcyy8hWE0
mC9OtvACff2ZBcFezVBTmhBadsyG8vcO3aSBa0JolCoAUP0ysqEWMlvze9FL6ryI
51c5YPhzyaq53q4B4725G4qy2XrKYDLOB/eKWYkW5RFprBfjtWFvj1mLL0Pe/jyN
++D+6D3B1PyEC1cRXkUr1Ip1G8Hlv38WTUbwdfFtoSPkK++PZQ5YPc4cmEXMEaOO
0q3nBFlL9Tk9Qmt/HmVZRVUzy20cE10qSL5q5qkBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyTW57viicM2iW1M/ZpW2MijSTUwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI3Zjc3ODFmLWRiYzUtNGM0MC05NzFmLTU3NTFlMWVhMzViMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQFrnAwDQYJKoZIhvcNAQELBQADggEBAJ52OxsLOeT/UYdWW2Mwrr5FdsiK
4LlQB3tQFhIPSyBjx0hIB21VvFs9gBQwnzYvntH20tblEZ1fwBi4sgHhKFTzxhzz
cPmX5B9TEV9TrvF6hZdJPHITjzT71MhdRgHdvYzA6ZkHRG0wLrfXdtDvdp/uc1Qc
QozAie3Zy7i0dZjX80adJdwA+sL8HF3e9Q+gMICdLoG0ar8om+HvhIz9RHTr98lh
EFrSJ/JewHkjl8pvX/bALEIUedoVlDqqlodaMLgOOJ4YW8WQn9tmy/ZWlBLTYX/r
n+46q60kZ7+qjZBzO/3b804TangFBHG0VyvnrlD5M3ShwJcOo7uvzfxFPo0=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:52:15 2025 by rpki-client